what's the link between iSCSI protocol and "stratum+tcp attacks

1

I found a strange file under/var/tmp directory, named ietd.conf

{
    "url" : "stratum+tcp://188.165.254.85:80",
    "user" : "46Z6dQ77i2qAapF4kjLXaaYKCB59eajwaZbmtyyPsxDXWyxPS5nfYoe5t4R7yTgsvT
AxgE8DRwwtKiMxCmM39KCBPfEgL5b",
    "pass" : "x",
    "algo" : "cryptonight",
    "quiet" : true
}

Can someone explain it to me please

Inès Belhouchet

Posted 2017-05-29T12:55:35.533

Reputation: 111

Are you running mining software for an altcoin such as Monero or Bytecoin? – Murch – 2017-05-29T18:44:37.590

@Murch no it's just a Linux machine with ubuntu server, we installed on it a dcm4che server http://www.dcm4che.org/

– Inès Belhouchet – 2017-05-29T20:31:09.250

Answers

2

You most likely have a stealth Monero miner installed, I recommend checking your system for rootkits.

user48462

Posted 2017-05-29T12:55:35.533

Reputation: